1. Concordia University

    http://www.ctmotoparts.com/content/shared/en/events/offices/vprgs/sgs/2020/01/10/phd-oral-exam-kobra-khanmohammadi-electrical-and-computer-engineering.html

    Thesis defences

    PhD Oral Exam - Kobra Khanmohammadi, Electrical and Computer Engineering

    Leveraging the Use of API Call Traces for Mobile Security

    Date and time
    Date & time

    January 10, 2020
    10 a.m. – 1 p.m.

    Where
    Where

    Room LB 619
    J.W. McConnell Building
    1400 De Maisonneuve Blvd. W.
    Sir George Williams Campus

    Cost
    Cost

    This event is free

    Wheelchair accessible
    Wheelchair accessible

    Yes

    Organization
    Organization

    School of Graduate Studies

    Contact
    Contact

    Jennifer Sachs

    When studying for a doctoral degree (PhD), candidates submit a thesis that provides a critical review of the current state of knowledge of the thesis subject as well as the student’s own contributions to the subject. The distinguishing criterion of doctoral graduate research is a significant and original contribution to knowledge.

    Once accepted, the candidate presents the thesis orally. This oral exam is open to the public.

    Abstract

    The growing popularity of Android applications (apps) has generated increased concerns over the danger of piracy and the spread of malware. A popular way to distribute malware in the mobile world is through the repackaging of legitimate apps. This process consists of manipulating an app by adding malware and other undesirable features and publishing it again in an app store. In this thesis, we conducted an empirical study of over 15,000 apps to gain insights into the factors that drive the spread of repackaged apps. We examined the motivations of developers who publish repackaged apps and those of users who download them, as well as the factors that determine which apps are selected for repackaging, and the ways in which apps are modified during the repackaging process. We have also studied the structure of Android applications to uncover the locations where malicious code are embedded into legitimate applications. Our findings show that service components contain key characteristics that entice attackers to misuse them. Therefore, we studied the behavior of malicious and benign services in more depth. We found that while benign services tend to inform the user of the background operations, malicious services take longer to run system operations and have a loose connection with the rest of the code. These findings led us to propose an approach to detect malware by studying the behavior of Android app services, which we modeled using API calls. We proposed various approaches using static and dynamic analysis techniques as well as machine learning to detect repackaged apps using API calls that we extracted by analyzing the apps’ services. We conducted experiments on large datasets to support our findings.

    Back to top

    © Concordia University

    奇米影视盒